<?php
####################################################################
# User class: functions to work with user's account + authorisation#
####################################################################
// works fine
// TODO: change the error link used when the session has expired
######HEADER#########

// Contract for the per-request user object: session-based authorisation plus
// read access to the profile fields of the account bound to the session.
interface iUser
{
    // constructor to initialise local variables
    // NOTE(review): in the implementing class User this is a PHP 4-style
    // constructor (method named after the class); PHP 8 no longer treats such
    // a method as a constructor - confirm the target PHP version.
    public function User();
    // authorise the user: bind the current session to the account matching
    // the given login and password
    public function Auth($login , $pass);
    // refresh the authorisation of the current session
    public function Refresh();
    // get the user's IP address
    public function GetIp();
    // get the user's current hash (the current session id)
    public function GetCurId();
    // Login
    public function GetLogin();
    // Email
    public function GetEmail();
    // User's sex
    public function GetSex();
    // X/Y map _screen_ resolutions
    public function GetXMap();
    public function GetYMap();
}

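/**
 * Per-request user object: binds the PHP session id to a row of the `users`
 * table and exposes that row's profile fields.
 *
 * Authorisation state lives in the database, not in $_SESSION: a user counts
 * as logged in while the `authcodecolumn` of their row equals the current
 * session id and `authtime` is less than 30 minutes old.
 *
 * NOTE(review): WHERE clauses are built by string concatenation and rely on
 * mysql_real_escape_string(), which belongs to ext/mysql (removed in PHP 7.0).
 * Every value placed inside a quoted SQL literal must stay escaped; moving to
 * prepared statements depends on DbMysql, which is not visible here.
 */
class User implements iUser
{
    // user variables (the profile fields stay unset when the session is not
    // bound to any account)
    private $ip;
    private $sess_id;   // escaped session id this object last saw bound/checked
    private $login;
    private $email;
    private $sex;
    private $x_map_res;
    private $y_map_res;

    // preferences
    private $ses_name = 'hash';   // the name of the session to store the data
    private $column_name = 'authcodecolumn';
    private $column_time = 'authtime';

### END OF HEADER ###

    /**
     * Builds the WHERE fragment matching the row bound to a session id.
     *
     * @param string $escaped_id session id that has ALREADY been passed
     *                           through mysql_real_escape_string()
     * @return string SQL condition, e.g. authcodecolumn = '<id>'
     */
    private function SessionWhere($escaped_id)
    {
        return $this->column_name.' = \''.$escaped_id.'\'';
    }

    /**
     * Constructor: opens the database object, expires idle logins and loads
     * the profile of the account bound to the current session, if any.
     */
    public function User()
    {
        global $db; // db ini

        $db = new DbMysql(); // db object

        // Getting user IP
        $this->ip = get_ip();

        $this->sess_id = mysql_real_escape_string(session_id());

        // SECURITY: kill the authorisation of everyone who has been inactive
        // for 30 minutes. This runs BEFORE the lookup below so that an expired
        // session is not handed its profile for one more request.
        $db->UpdateData('users', array($this->column_name => '0'), $this->column_time.' < '.(time()-1800));

        $where = $this->SessionWhere($this->sess_id);
        if ($db->IsExist('users', $where))
        {
            // Personal information
            $user_info = $db->GetLine('users', $where);
            $this->login = $user_info['login'];
            $this->email = $user_info['email'];
            $this->sex = $user_info['sex'];
            $this->x_map_res = $user_info['x_map_resolution'];
            $this->y_map_res = $user_info['y_map_resolution'];
        }
    }

    /**
     * Binds the current session to the account matching $login / $pass.
     *
     * Nothing is returned; when the credentials do not match, the UPDATE
     * simply has no matching row and the session stays unbound.
     *
     * @param string $login login name as typed by the user (escaped here)
     * @param string $pass  plain-text password as typed by the user
     */
    public function Auth($login , $pass)
    {
        global $db; // db ini

        // SECURITY: always switch to a fresh id at the privilege boundary, so
        // an id planted in the browser before login (session fixation) never
        // becomes an authenticated one. Skipped when no session is active,
        // where the call would only raise a warning.
        if (session_id() !== '')
            session_regenerate_id(true);

        // searching for a free id (one no other row is bound to)
        while($db->IsExist('users', $this->SessionWhere($this->GetCurId())))
            session_regenerate_id();

        // SECURITY NOTE(review): passwords are compared as unsalted MD5, which
        // is unsuitable for password storage. Moving to password_hash() /
        // password_verify() needs a schema and data migration and a check done
        // in PHP rather than in the WHERE clause, so it is not changed here.
        $db->UpdateData('users', array($this->column_name => session_id(), $this->column_time => time()),'login = \''.mysql_real_escape_string($login).'\' && password = \''.md5($pass).'\'');

        // keep the remembered id in step with the id that was just bound, so
        // a Refresh() later in the same request updates the right row
        $this->sess_id = $this->GetCurId();
    }

    /**
     * Rotates the session id of a logged-in user and renews the activity
     * timestamp; an unbound session is redirected to the login page and the
     * script terminates.
     */
    public function Refresh()
    {
        global $db; // db ini

        if ($db->IsExist('users', $this->SessionWhere($this->GetCurId())))
        {
            // the current id is bound to a row, so this loop rotates the id at
            // least once and continues until an unused one is found
            while($db->IsExist('users', $this->SessionWhere($this->GetCurId())))
                session_regenerate_id();

            // move the binding from the previous id to the new one
            $db->UpdateData('users', array($this->column_name => $this->GetCurId(), $this->column_time => time()), $this->SessionWhere($this->sess_id));
            $this->sess_id = $this->GetCurId();
        }
        else
        {
            session_regenerate_id();  // killing cookies
            header("Location: login.php?error=1"); // TODO: here
            die();
        }
    }

    /** @return mixed the client IP as reported by get_ip() */
    public function GetIp()
    {
        return $this->ip;
    }

    /** @return string the current session id, escaped for use in a quoted SQL literal */
    public function GetCurId()
    {
        return mysql_real_escape_string(session_id());
    }

    /** @return mixed login of the bound account, or null when not logged in */
    public function GetLogin()
    {
        return $this->login;
    }

    /** @return mixed e-mail of the bound account, or null when not logged in */
    public function GetEmail()
    {
        return $this->email;
    }

    /** @return mixed sex of the bound account, or null when not logged in */
    public function GetSex()
    {
        return $this->sex;
    }

    /** @return mixed stored X map screen resolution, or null when not logged in */
    public function GetXMap()
    {
        return $this->x_map_res;
    }

    /** @return mixed stored Y map screen resolution, or null when not logged in */
    public function GetYMap()
    {
        return $this->y_map_res;
    }

}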
?>
